linux has a special file / dev / tcp, open the file sent is similar to a socket call to establish a socket connection to transfer data, read and write this file corresponds to the socket connection.
Open / dev / tcp
reading and writing open / dev / tcp, and specify a server name: www.csdn.net, port number: 80, designated descriptors 8
exec 8<>/dev/tcp/www.csdn.net/80
Command Interpretation: exec
indicates the command is executed; 8
user-specified file descriptor; <>
should be disassembled to <
and >
understood represents read and write, i.e., the open form RW, to open the device /dev/tcp/$DEST/80
, this selection port 80, because it is desirable to send HTTP request, therefore for port 80.
Note: / dev / tcp itself does not exist, can not see the device node in / dev.
- In fact, this device node does not exist in the system, by opening the bash
/dev/tcp
to get socket function is actually bash functional characteristics, not the system.
- Write data to a file
just write some data to the file: echo -e "GET"> & 8
echo -e "GET">&FD
Parsing: echo -e is somehow format sent out (forget -e is the representative of a binary or ASCII);> & indicates the flow of the stream, which represents writing to fd, which is to distinguish the role of &> is greater than the number sense ,> comparison of size> indicates & directed stream.
File reading
information read reply: cat <& 8; if the request is HTTP response, this time should be able to read a few <html> xxxx </ html> out.
Attention
Some versions of the bash may not supported by default on the / dev / tcp open. At this point you can add a parameter bash at compile time: - enable-net-redirections can then recompile bash.
----------------
Disclaimer: This article is the original article CSDN bloggers "town tree village", and follow CC 4.0 BY-SA copyright agreement, reproduced, please attach the original source and link this statement.
Original link: https: //blog.csdn.net/realDonaldTrump/article/details/84423450